Month: July 2017

Unable to Start Web Service on Windows 10

Post author By Bhargav Atturu
Post date July 20, 2017

Problem

Users installing the exacqVision web service on Windows 10 machines find that the exacqVision web service is not enabled and encounter errors when attempting to manually start the service.

Cause

This is due to a port conflict. The default port used by evApache is port 80. This is also the default port for most web services. Windows 10 contains a service which is enabled by default that binds to port 80 before evApache attempts to start and since two services cannot bind to the same port number, evApache and the exacqVision web service fail to start.

Resolution

There are two possible ways to work around this.

Open Services.msc in Windows and locate the ‘World Wide Web Publishing Service’. Stop this service and change the start up type to ‘Disabled’. You may also consider disabling the IIS service if it is installed on your machine. After these changes have been made you may either reboot your machine or manually start the exacqVision web service.
Manually change the port number to something other than the default of 80. This requires editing a configuration file in Apache. You may find instructions on this in the following knowledge base article: 42205

Unable-to-Start-Web-Service-on-Windows-10.pdf

Tags Unable to Start Web Service, Windows 10, Unable to Start Web Service on Windows 10, 1093, Guest, Windows, Web Service, KB-00131-131-210208

Knowledge Support Support exacqVision Enterprise Categories Products

Distorted login page for deleted users actively on ESM webpage

Post author By Bhargav Atturu
Post date July 20, 2017

Description

User that is deleted while logged into ESM browser, will see a distorted login page

Tested Version

1.11.2.50128

Platform

All.

Steps to reproduce

Log into ESM as a user.
With an ESM admin, delete the user from step above.

Expected result

User sees a login page.

Actual result

User sees a distorted layout login page.

Work around

Refresh the page.

Distorted-login-page-for-deleted-users-actively-on-ESM-webpage.pdf

Tags Login Page, 1049, Guest, ESM, Enterprise System Manager, Enterprise, KB-00127-127-210205

Knowledge Support Support exacqVision Server Categories Products

Windows update KB3033929 required for 8.6 release

Post author By Bhargav Atturu
Post date July 11, 2017

Exacq upgraded they software signing certificate, which means Windows 7 systems will require Windows update KB3033929 for Hardware Monitoring and motherboard watchdog functionality to work.

Link to download the KB: https://www.microsoft.com/en-us/download/details.aspx?id=46148

Windows-update-KB3033929-required-for-8.6-release.pdf

Tags Guest, Server Software, Windows Update, KB-00139-139-210208, 8.6 Release, 1130

User Guides Documentation exacqVision Server Categories Products

Security Whitepaper

Post author By Bhargav Atturu
Post date July 11, 2017

Login Delay

exacqVision Server implements a login delay, in order to address the risk of various flavors of brute force attacks. More information on the nature of these attacks can be easily found elsewhere; hence, they will not be further described here.

The login delay mechanism introduces a progressive delay before completing authentication. The objective here is to increase the time required in order to carry out various flavors of intrusion attempt. The delay increases 1 second with each subsequent authentication failure, to a maximum of 26 seconds. Do note the following version-specific behaviors:

Beginning with server version 6.6.0, when login delay was first introduced, a subsequent successful login with good credentials would immediately reset the delay mechanism and emit successful login response.
Server 8.6.0 then began to apply the same delay to the first subsequent successful login as well, in keeping with security best practices (see https://cwe.mitre.org/data/definitions/307.html ). However, a few ensuing problems were then observed:
1. If the delay value had increased to a large value, it would cause a Client with good credentials to arbitrarily wait for the entire delay, and give an impression of defective behavior like server or connection having stalled or otherwise become unresponsive.
2. The web service has always abandoned a connection after 10 seconds. Therefore, once the delay value had reached 10 seconds, no web service could then connect to that server unless a client were used to “unlock” the account in question, even if the web service were using correct credentials.
3. In a network arrangement where all remote clients come in via gateway and hence appear with identical IP address, one “bad” client could effectively cause a denial of service for all other remote clients.

Server 8.6.x then reduced the delay on good login to a brief duration, in order that web service would not become seemingly “locked out”, and therefore would not have to be “unlocked” via another client or web service.

In a nominal scenario, users consistently log in to the server with correct username and password, and therefore would never encounter the login delay. This is made likely by virtue of the fact that ESM, Client, and the web service all persist server lists (per-user for Client, per-system for ESM and web service). Here, complications arise once a user’s password has been changed, which may never occur on legacy systems with no password change enforcement. But at the same time, every new server list entry presents an opportunity for bad credential usage, and therefore at least some encounter with the login delay mechanism.

Security-Whitepaper.pdf

Tags Server, Security, KB-00138-138-210208, Whitepaper, Login Delay, Security Whitepaper, 1124, Guest